Get your server issues fixed by our experts for a price starting at just 25 USD/Hour. Click here to register and open a ticket with us now!

Author Topic: ET WEB_SPECIFIC_APPS Possible WP CuckooTap Arbitrary File Download  (Read 3167 times)

0 Members and 1 Guest are viewing this topic.

nidhinjo

  • Guest
This signature detects HTTP requests that attempt to exploit a remote file include vulnerability in the Wordpress links.all.php script. Wordpress allows users to generate news pages and weblogs dynamically. It uses PHP and a MySQL database to generate dynamic pages. A vulnerability has been reported for Wordpress. The problem is said to occur due to insufficient sanitization of user-supplied URI parameters.

Specifically the '$abspath' variable, which is used as an argument to the PHP require() function, is not sufficiently sanitized of malicious input. As a result, an attacker may be capable of including a malicious 'blog.header.php' from a controlled web server. This may result in the execution of PHP commands located within the script. Successful exploitation of this vulnerability would allow an attacker to execute arbitrary PHP commands on a target server, with the privileges of Wordpress. PHP remote file inclusion vulnerability in wp-links/links.all.php in WordPress 0.70 allows remote attackers to execute arbitrary PHP code via a URL in the $abspath variable.

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

CVSS Scores & Vulnerability Types

Code: [Select]
CVSS Score                  7.5
Confidentiality Impact      Partial (There is considerable informational disclosure.)
Integrity Impact              Partial (Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.)
Availability Impact           Partial (There is reduced performance or interruptions in resource availability.)
Access Complexity          Low (Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. )
Authentication               Not required (Authentication is not required to exploit the vulnerability.)
Gained Access              None
Vulnerability Type(s)      Execute CodeFile Inclusion
CWE ID                        94

Products Affected By CVE-2003-1599

-Wordpress 0.70

Solution

-Update the Wordpress to the latest version